Took it today. Failed. VPN section hit me the hardest it seems. 25% all others i was over 70% 

I got a sims similar to "VRF & EIGRP Sim", "DHCP, IP SLA & NetFlow Sim # 2", and a partially configured IPSEC similar to the ones in "IPSec Config Sim" 

the questions were pretty much spot on. I know where i failed. The IPSEC sim asked to disabled EIGRP split horizon where i blanked and also the IP SLA sim i forgot to turn on the icmp-jitter. 

There was also a drag and drop not on this list. Setting up key and encryption drag and drops between two routers.

Are the sims down? Getting "HTTP 500 Internal Server Error" when trying to launch. Verified and tried from 2 computers and phone both on and off my network.

Looking this over:

the R2 L2 and L1 interfaces reside on 192.168.3.2 and 2.2/24

Down the line in the BGP configuration though the commands 
R4(config)#ip prefix-list AS65001-in seq 20 permit 192.168.3.0/24
R4(config)#ip prefix-list AS65001-in seq 30 permit 192.168.2.0/23

and

R5(config)#ip prefix-list AS65001-in seq 20 permit 192.168.2.0/24
R5(config)#ip prefix-list AS65001-in seq 30 permit 192.168.2.0/23 

are suggested. 

Issue that I see is there are no /23 or subnet masks of 255.255.253.0 used 

This will give bad config when implemented. Its doable but will give the wrong information in the show commands.

Please correct me if I am wrong.

Wondering, 

While I am grateful for the sims now having an interactive version so we can practice. 

Can we get more than 15min? I know in real world testing we should do these fast but to get them down we need to slow down and get the practice. Something like 20 or 30min max would be nice.

The Detailed Sequence of Events

1. DHCP: The router wakes up and broadcasts for an IP. The DHCP server provides the IP address, Subnet Mask, Default Gateway, and (crucially) the DNS Server IP.
   
2. DNS: Now that the router has a DNS server to talk to, it performs a lookup for the hardcoded Cisco ZTP URL (e.g.,
   [code]devicehelper.cisco.com[/code]
   ).
   
3. ZTP/PnP Server Connection: The router uses that resolved IP to connect to the Cisco Public ZTP/PnP portal. It presents its serial number/certificate. The portal looks up your specific "Provisioning File" and tells the router: "You belong to Company X. Go talk to their vBond at this specific IP/FQDN."
   
4. Connection to vBond: The router finally reaches out to your private vBond Orchestrator. This is the first "real" SD-WAN controller contact. vBond authenticates the device and sends it the list of vManage and vSmart controllers.
   

The correct answer for this question is IPv6 Snooping.  See validated result from chatgpt below:

what is the correct answer to this question?

The correct answer is: IPv6 Snooping
Here’s why:

• IPv6 Snooping (ND Snooping) monitors and controls Neighbor Discovery (ND) traffic such as Neighbor Solicitations and Advertisements.
  
• It builds a binding table (IP ↔ MAC ↔ interface), which is essential for proper neighbor discovery operation and performance.
  
• It essentially ensures that the discovery process works correctly and securely by validating and tracking that traffic.
  

• RA Throttling → only limits Router Advertisement rates, not overall neighbor discovery behavior
  
• Source/Destination Guard → filters traffic based on bindings, but doesn’t control discovery traffic itself
  
• ND Multicast Suppression → reduces multicast flooding for efficiency, but doesn’t manage correctness of discovery
  

QID: AR434 shows "Use the 2001BB:BAD:CODE::/64 prefix for the DHCP pool on RQ" as the correct answer. This is clearly wrong.  See below url for reference:

https://www.how2pass.com/forum/thread-27...-5368.html

https://www.how2pass.com/forum/thread-27...-5368.html

https://www.how2pass.com/forum/thread-2776.html